def test_undefined_action_is_logged(self): """Undefined action is logged at warning level.""" create_file( self.authz_file, textwrap.dedent("""\ [groups] administrators = éat [wiki:WikiStart] änon = UNKNOWN_VIEW, TEST_CREATE, !TEST_MODIFY [milestone:milestone1] * = UNKNOWN_MODIFY, !TEST_VIEW """)) authz_policy = AuthzPolicy(self.env) authz_policy.parse_authz() self.assertEqual(2, len(self.env.log_messages)) self.assertIn( ('WARNING', 'The action UNKNOWN_VIEW in the [wiki:WikiStart] ' 'section of trac-authz-policy is not a valid action.'), self.env.log_messages) self.assertIn( ('WARNING', 'The action UNKNOWN_MODIFY in the [milestone:milestone1] ' 'section of trac-authz-policy is not a valid action.'), self.env.log_messages)
def test_undefined_action_is_logged(self): """Undefined action is logged at warning level.""" create_file( self.authz_file, """\ [groups] administrators = éat [wiki:WikiStart] änon = UNKNOWN_VIEW, WIKI_VIEW [milestone:milestone1] * = UNKNOWN_EDIT """) authz_policy = AuthzPolicy(self.env) authz_policy.parse_authz() self.assertNotIn(('WARNING', u'The action éat in the [groups] ' u'section of trac-authz-policy is not a ' u'valid action.'), self.env.log_messages) self.assertIn(('WARNING', 'The action UNKNOWN_VIEW in the ' '[wiki:WikiStart] section of ' 'trac-authz-policy is not a valid action.'), self.env.log_messages) self.assertIn(('WARNING', 'The action UNKNOWN_EDIT in the ' '[milestone:milestone1] section of ' 'trac-authz-policy is not a valid action.'), self.env.log_messages)
def test_parse_authz_no_settings(self): """Allow the file to have no settings.""" create_file(self.authz_file, """\ # [wiki:WikiStart] # änon = WIKI_VIEW # * = """) authz_policy = AuthzPolicy(self.env) authz_policy.parse_authz() self.assertEqual([], authz_policy.authz.sections())
def setUp(self): tmpdir = os.path.realpath(tempfile.gettempdir()) self.authz_file = os.path.join(tmpdir, 'trac-authz-policy') create_file( self.authz_file, """\ # Unicode user names [groups] administrators = éat [wiki:WikiStart] änon = WIKI_VIEW @administrators = WIKI_VIEW * = # Unicode page names [wiki:résumé] änon = @administrators = WIKI_VIEW * = # Tickets [ticket:43] änon = TICKET_VIEW @administrators = * = [ticket:*] änon = @administrators = TICKET_VIEW * = # Default repository [repository:@*] änon = @administrators = BROWSER_VIEW, FILE_VIEW * = # Non-default repository [repository:bláh@*] änon = BROWSER_VIEW, FILE_VIEW @administrators = BROWSER_VIEW, FILE_VIEW * = """) self.env = EnvironmentStub(enable=['trac.*', AuthzPolicy], path=tmpdir) self.env.config.set('trac', 'permission_policies', 'AuthzPolicy, DefaultPermissionPolicy') self.env.config.set('authz_policy', 'authz_file', self.authz_file) self.authz_policy = AuthzPolicy(self.env)
def test_parse_authz_malformed_raises(self): """ConfigurationError should be raised if the file is malformed.""" create_file(self.authz_file, """\ wiki:WikiStart] änon = WIKI_VIEW * = """) authz_policy = AuthzPolicy(self.env) self.assertRaises(ConfigurationError, authz_policy.parse_authz)
class AuthzPolicyTestCase(unittest.TestCase): def setUp(self): tmpdir = os.path.realpath(tempfile.gettempdir()) self.authz_file = os.path.join(tmpdir, 'trac-authz-policy') create_file(self.authz_file, """\ # Unicode user names [groups] administrators = éat [wiki:WikiStart] änon = WIKI_VIEW @administrators = WIKI_VIEW * = # Unicode page names [wiki:résumé] änon = @administrators = WIKI_VIEW * = """) self.env = EnvironmentStub(enable=[AuthzPolicy]) self.env.config.set('authz_policy', 'authz_file', self.authz_file) self.authz_policy = AuthzPolicy(self.env) def tearDown(self): self.env.reset_db() os.remove(self.authz_file) def check_permission(self, action, user, resource, perm): return self.authz_policy.check_permission(action, user, resource, perm) def test_unicode_username(self): resource = Resource('wiki', 'WikiStart') self.assertEqual( False, self.check_permission('WIKI_VIEW', 'anonymous', resource, None)) self.assertEqual( True, self.check_permission('WIKI_VIEW', u'änon', resource, None)) def test_unicode_resource_name(self): resource = Resource('wiki', u'résumé') self.assertEqual( False, self.check_permission('WIKI_VIEW', 'anonymous', resource, None)) self.assertEqual( False, self.check_permission('WIKI_VIEW', u'änon', resource, None)) self.assertEqual( True, self.check_permission('WIKI_VIEW', u'éat', resource, None))
def test_parse_authz_malformed_raises(self): """ConfigurationError should be raised if the file is malformed.""" create_file( self.authz_file, textwrap.dedent("""\ wiki:WikiStart] änon = WIKI_VIEW * = """)) authz_policy = AuthzPolicy(self.env) authz_mtime = authz_policy.authz_mtime self.assertRaises(ConfigurationError, authz_policy.parse_authz) self.assertEqual(authz_mtime, authz_policy.authz_mtime)
def test_parse_authz_duplicated_options_raises(self): """DuplicateOptionError should be raised if a section has duplicate options.""" create_file( self.authz_file, textwrap.dedent("""\ [wiki:WikiStart] änon = WIKI_VIEW änon = WIKI_ADMIN """)) authz_policy = AuthzPolicy(self.env) self.assertRaises(configparser.DuplicateOptionError, authz_policy.parse_authz)
def setUp(self): tmpdir = os.path.realpath(tempfile.gettempdir()) self.authz_file = os.path.join(tmpdir, 'trac-authz-policy') create_file( self.authz_file, """\ # Unicode user names [groups] administrators = éat [wiki:WikiStart] änon = WIKI_VIEW @administrators = WIKI_VIEW * = # Unicode page names [wiki:résumé] änon = @administrators = WIKI_VIEW * = """) self.env = EnvironmentStub(enable=[AuthzPolicy]) self.env.config.set('authz_policy', 'authz_file', self.authz_file) self.authz_policy = AuthzPolicy(self.env)
def setUp(self): tmpdir = os.path.realpath(tempfile.gettempdir()) self.authz_file = os.path.join(tmpdir, "trac-authz-policy") create_file( self.authz_file, """\ # Unicode user names [groups] administrators = éat [wiki:WikiStart] änon = WIKI_VIEW @administrators = WIKI_VIEW * = # Unicode page names [wiki:résumé] änon = @administrators = WIKI_VIEW * = # Tickets [ticket:43] änon = TICKET_VIEW @administrators = * = [ticket:*] änon = @administrators = TICKET_VIEW * = # Default repository [repository:@*] änon = @administrators = BROWSER_VIEW, FILE_VIEW * = # Non-default repository [repository:bláh@*] änon = BROWSER_VIEW, FILE_VIEW @administrators = BROWSER_VIEW, FILE_VIEW * = """, ) self.env = EnvironmentStub(enable=["trac.*", AuthzPolicy], path=tmpdir) self.env.config.set("trac", "permission_policies", "AuthzPolicy, DefaultPermissionPolicy") self.env.config.set("authz_policy", "authz_file", self.authz_file) self.authz_policy = AuthzPolicy(self.env)
class AuthzPolicyTestCase(unittest.TestCase): def setUp(self): tmpdir = os.path.realpath(tempfile.gettempdir()) self.authz_file = os.path.join(tmpdir, 'trac-authz-policy') create_file( self.authz_file, """\ # Unicode user names [groups] administrators = éat [wiki:WikiStart] änon = WIKI_VIEW @administrators = WIKI_VIEW * = # Unicode page names [wiki:résumé] änon = @administrators = WIKI_VIEW * = """) self.env = EnvironmentStub(enable=[AuthzPolicy]) self.env.config.set('authz_policy', 'authz_file', self.authz_file) self.authz_policy = AuthzPolicy(self.env) def tearDown(self): self.env.reset_db() os.remove(self.authz_file) def check_permission(self, action, user, resource, perm): return self.authz_policy.check_permission(action, user, resource, perm) def test_unicode_username(self): resource = Resource('wiki', 'WikiStart') self.assertEqual( False, self.check_permission('WIKI_VIEW', 'anonymous', resource, None)) self.assertEqual( True, self.check_permission('WIKI_VIEW', u'änon', resource, None)) def test_unicode_resource_name(self): resource = Resource('wiki', u'résumé') self.assertEqual( False, self.check_permission('WIKI_VIEW', 'anonymous', resource, None)) self.assertEqual( False, self.check_permission('WIKI_VIEW', u'änon', resource, None)) self.assertEqual( True, self.check_permission('WIKI_VIEW', u'éat', resource, None))
def setUp(self): tmpdir = os.path.realpath(tempfile.gettempdir()) self.authz_file = os.path.join(tmpdir, 'trac-authz-policy') create_file(self.authz_file, """\ # Unicode user names [groups] administrators = éat [wiki:WikiStart] änon = WIKI_VIEW @administrators = WIKI_VIEW * = # Unicode page names [wiki:résumé] änon = @administrators = WIKI_VIEW * = """) self.env = EnvironmentStub(enable=[AuthzPolicy]) self.env.config.set('authz_policy', 'authz_file', self.authz_file) self.authz_policy = AuthzPolicy(self.env)
def test_parse_authz_empty(self): """Allow the file to be empty.""" create_file(self.authz_file, '') authz_policy = AuthzPolicy(self.env) authz_policy.parse_authz() self.assertEqual([], authz_policy.authz.sections())
def test_get_authz_file(self): """get_authz_file should resolve a relative path.""" authz_policy = AuthzPolicy(self.env) authz_file = authz_policy.authz_file self.assertTrue(os.path.isabs(authz_file))
class AuthzPolicyTestCase(unittest.TestCase): def setUp(self): tmpdir = os.path.realpath(tempfile.gettempdir()) self.authz_file = os.path.join(tmpdir, "trac-authz-policy") create_file( self.authz_file, """\ # Unicode user names [groups] administrators = éat [wiki:WikiStart] änon = WIKI_VIEW @administrators = WIKI_VIEW * = # Unicode page names [wiki:résumé] änon = @administrators = WIKI_VIEW * = # Tickets [ticket:43] änon = TICKET_VIEW @administrators = * = [ticket:*] änon = @administrators = TICKET_VIEW * = # Default repository [repository:@*] änon = @administrators = BROWSER_VIEW, FILE_VIEW * = # Non-default repository [repository:bláh@*] änon = BROWSER_VIEW, FILE_VIEW @administrators = BROWSER_VIEW, FILE_VIEW * = """, ) self.env = EnvironmentStub(enable=["trac.*", AuthzPolicy], path=tmpdir) self.env.config.set("trac", "permission_policies", "AuthzPolicy, DefaultPermissionPolicy") self.env.config.set("authz_policy", "authz_file", self.authz_file) self.authz_policy = AuthzPolicy(self.env) def tearDown(self): self.env.reset_db() os.remove(self.authz_file) def check_permission(self, action, user, resource, perm): return self.authz_policy.check_permission(action, user, resource, perm) def get_repository(self, reponame): params = {"id": 1, "name": reponame} return Mock(Repository, "mock", params, self.env.log) def get_perm(self, username, *args): perm = PermissionCache(self.env, username) if args: return perm(*args) return perm def test_unicode_username(self): resource = Resource("wiki", "WikiStart") perm = self.get_perm("anonymous") self.assertFalse(self.check_permission("WIKI_VIEW", "anonymous", resource, perm)) self.assertNotIn("WIKI_VIEW", perm) self.assertNotIn("WIKI_VIEW", perm(resource)) perm = self.get_perm(u"änon") self.assertTrue(self.check_permission("WIKI_VIEW", u"änon", resource, perm)) self.assertNotIn("WIKI_VIEW", perm) self.assertIn("WIKI_VIEW", perm(resource)) def test_unicode_resource_name(self): resource = Resource("wiki", u"résumé") perm = self.get_perm("anonymous") self.assertFalse(self.check_permission("WIKI_VIEW", "anonymous", resource, perm)) self.assertNotIn("WIKI_VIEW", perm) self.assertNotIn("WIKI_VIEW", perm(resource)) perm = self.get_perm(u"änon") self.assertFalse(self.check_permission("WIKI_VIEW", u"änon", resource, perm)) self.assertNotIn("WIKI_VIEW", perm) self.assertNotIn("WIKI_VIEW", perm(resource)) perm = self.get_perm(u"éat") self.assertTrue(self.check_permission("WIKI_VIEW", u"éat", resource, perm)) self.assertNotIn("WIKI_VIEW", perm) self.assertIn("WIKI_VIEW", perm(resource)) def test_resource_without_id(self): perm = self.get_perm("anonymous") self.assertNotIn("TICKET_VIEW", perm) self.assertNotIn("TICKET_VIEW", perm("ticket")) self.assertNotIn("TICKET_VIEW", perm("ticket", 42)) self.assertNotIn("TICKET_VIEW", perm("ticket", 43)) perm = self.get_perm(u"änon") self.assertNotIn("TICKET_VIEW", perm) self.assertNotIn("TICKET_VIEW", perm("ticket")) self.assertNotIn("TICKET_VIEW", perm("ticket", 42)) self.assertIn("TICKET_VIEW", perm("ticket", 43)) perm = self.get_perm(u"éat") self.assertNotIn("TICKET_VIEW", perm) self.assertIn("TICKET_VIEW", perm("ticket")) self.assertIn("TICKET_VIEW", perm("ticket", 42)) self.assertNotIn("TICKET_VIEW", perm("ticket", 43)) def test_default_repository(self): repos = self.get_repository("") self.assertFalse(repos.is_viewable(self.get_perm("anonymous"))) self.assertFalse(repos.is_viewable(self.get_perm(u"änon"))) self.assertTrue(repos.is_viewable(self.get_perm(u"éat"))) def test_non_default_repository(self): repos = self.get_repository(u"bláh") self.assertFalse(repos.is_viewable(self.get_perm("anonymous"))) self.assertTrue(repos.is_viewable(self.get_perm(u"änon"))) self.assertTrue(repos.is_viewable(self.get_perm(u"éat"))) def test_case_sensitive_resource(self): resource = Resource("WIKI", "wikistart") self.assertIsNone(self.check_permission("WIKI_VIEW", "anonymous", resource, None)) self.assertIsNone(self.check_permission("WIKI_VIEW", u"änon", resource, None)) def test_get_authz_file(self): """get_authz_file should resolve a relative path and lazily compute. """ authz_file = self.authz_policy.get_authz_file self.assertEqual(os.path.join(self.env.path, "trac-authz-policy"), authz_file) self.assertIs(authz_file, self.authz_policy.get_authz_file) def test_get_authz_file_notfound_raises(self): """ConfigurationError exception should be raised if file not found.""" authz_file = os.path.join(self.env.path, "some-nonexistent-file") self.env.config.set("authz_policy", "authz_file", authz_file) self.assertRaises(ConfigurationError, getattr, self.authz_policy, "get_authz_file") def test_get_authz_file_notdefined_raises(self): """ConfigurationError exception should be raised if the option `[authz_policy] authz_file` is not specified in trac.ini.""" self.env.config.remove("authz_policy", "authz_file") self.assertRaises(ConfigurationError, getattr, self.authz_policy, "get_authz_file") def test_get_authz_file_empty_raises(self): """ConfigurationError exception should be raised if the option `[authz_policy] authz_file` is empty.""" self.env.config.set("authz_policy", "authz_file", "") self.assertRaises(ConfigurationError, getattr, self.authz_policy, "get_authz_file") def test_parse_authz_empty(self): """Allow the file to be empty.""" create_file(self.authz_file, "") self.authz_policy.parse_authz() self.assertFalse(self.authz_policy.authz) def test_parse_authz_no_settings(self): """Allow the file to have no settings.""" create_file( self.authz_file, """\ # [wiki:WikiStart] # änon = WIKI_VIEW # * = """, ) self.authz_policy.parse_authz() self.assertFalse(self.authz_policy.authz) def test_parse_authz_malformed_raises(self): """ConfigurationError should be raised if the file is malformed.""" create_file( self.authz_file, """\ wiki:WikiStart] änon = WIKI_VIEW * = """, ) self.assertRaises(ConfigurationError, self.authz_policy.parse_authz) def test_parse_authz_duplicated_sections_raises(self): """ConfigurationError should be raised if the file has duplicate sections.""" create_file( self.authz_file, """\ [wiki:WikiStart] änon = WIKI_VIEW [wiki:WikiStart] änon = WIKI_VIEW """, ) self.assertRaises(ConfigurationError, self.authz_policy.parse_authz)
def check_permission(self, action, user, resource, perm=None): authz_policy = AuthzPolicy(self.env) return authz_policy.check_permission(action, user, resource, perm)
def test_get_authz_file(self): """get_authz_file should resolve a relative path.""" authz_policy = AuthzPolicy(self.env) authz_file = authz_policy.authz_file self.assertEqual(os.path.join(self.env.path, 'trac-authz-policy'), authz_file)
def check_permission(self, action, user, resource, perm): authz_policy = AuthzPolicy(self.env) return authz_policy.check_permission(action, user, resource, perm)
class AuthzPolicyTestCase(unittest.TestCase): def setUp(self): tmpdir = os.path.realpath(tempfile.gettempdir()) self.authz_file = os.path.join(tmpdir, 'trac-authz-policy') create_file( self.authz_file, """\ # Unicode user names [groups] administrators = éat [wiki:WikiStart] änon = WIKI_VIEW @administrators = WIKI_VIEW * = # Unicode page names [wiki:résumé] änon = @administrators = WIKI_VIEW * = # Tickets [ticket:43] änon = TICKET_VIEW @administrators = * = [ticket:*] änon = @administrators = TICKET_VIEW * = # Default repository [repository:@*] änon = @administrators = BROWSER_VIEW, FILE_VIEW * = # Non-default repository [repository:bláh@*] änon = BROWSER_VIEW, FILE_VIEW @administrators = BROWSER_VIEW, FILE_VIEW * = """) self.env = EnvironmentStub(enable=['trac.*', AuthzPolicy], path=tmpdir) self.env.config.set('trac', 'permission_policies', 'AuthzPolicy, DefaultPermissionPolicy') self.env.config.set('authz_policy', 'authz_file', self.authz_file) self.authz_policy = AuthzPolicy(self.env) def tearDown(self): self.env.reset_db() os.remove(self.authz_file) def check_permission(self, action, user, resource, perm): return self.authz_policy.check_permission(action, user, resource, perm) def get_repository(self, reponame): params = {'id': 1, 'name': reponame} return Mock(Repository, 'mock', params, self.env.log) def get_perm(self, username, *args): perm = PermissionCache(self.env, username) if args: return perm(*args) return perm def test_unicode_username(self): resource = Resource('wiki', 'WikiStart') perm = self.get_perm('anonymous') self.assertFalse( self.check_permission('WIKI_VIEW', 'anonymous', resource, perm)) self.assertNotIn('WIKI_VIEW', perm) self.assertNotIn('WIKI_VIEW', perm(resource)) perm = self.get_perm(u'änon') self.assertTrue( self.check_permission('WIKI_VIEW', u'änon', resource, perm)) self.assertNotIn('WIKI_VIEW', perm) self.assertIn('WIKI_VIEW', perm(resource)) def test_unicode_resource_name(self): resource = Resource('wiki', u'résumé') perm = self.get_perm('anonymous') self.assertFalse( self.check_permission('WIKI_VIEW', 'anonymous', resource, perm)) self.assertNotIn('WIKI_VIEW', perm) self.assertNotIn('WIKI_VIEW', perm(resource)) perm = self.get_perm(u'änon') self.assertFalse( self.check_permission('WIKI_VIEW', u'änon', resource, perm)) self.assertNotIn('WIKI_VIEW', perm) self.assertNotIn('WIKI_VIEW', perm(resource)) perm = self.get_perm(u'éat') self.assertTrue( self.check_permission('WIKI_VIEW', u'éat', resource, perm)) self.assertNotIn('WIKI_VIEW', perm) self.assertIn('WIKI_VIEW', perm(resource)) def test_resource_without_id(self): perm = self.get_perm('anonymous') self.assertNotIn('TICKET_VIEW', perm) self.assertNotIn('TICKET_VIEW', perm('ticket')) self.assertNotIn('TICKET_VIEW', perm('ticket', 42)) self.assertNotIn('TICKET_VIEW', perm('ticket', 43)) perm = self.get_perm(u'änon') self.assertNotIn('TICKET_VIEW', perm) self.assertNotIn('TICKET_VIEW', perm('ticket')) self.assertNotIn('TICKET_VIEW', perm('ticket', 42)) self.assertIn('TICKET_VIEW', perm('ticket', 43)) perm = self.get_perm(u'éat') self.assertNotIn('TICKET_VIEW', perm) self.assertIn('TICKET_VIEW', perm('ticket')) self.assertIn('TICKET_VIEW', perm('ticket', 42)) self.assertNotIn('TICKET_VIEW', perm('ticket', 43)) def test_default_repository(self): repos = self.get_repository('') self.assertFalse(repos.is_viewable(self.get_perm('anonymous'))) self.assertFalse(repos.is_viewable(self.get_perm(u'änon'))) self.assertTrue(repos.is_viewable(self.get_perm(u'éat'))) def test_non_default_repository(self): repos = self.get_repository(u'bláh') self.assertFalse(repos.is_viewable(self.get_perm('anonymous'))) self.assertTrue(repos.is_viewable(self.get_perm(u'änon'))) self.assertTrue(repos.is_viewable(self.get_perm(u'éat'))) def test_case_sensitive_resource(self): resource = Resource('WIKI', 'wikistart') self.assertIsNone( self.check_permission('WIKI_VIEW', 'anonymous', resource, None)) self.assertIsNone( self.check_permission('WIKI_VIEW', u'änon', resource, None)) def test_get_authz_file(self): """get_authz_file should resolve a relative path and lazily compute. """ authz_file = self.authz_policy.get_authz_file self.assertEqual(os.path.join(self.env.path, 'trac-authz-policy'), authz_file) self.assertIs(authz_file, self.authz_policy.get_authz_file) def test_get_authz_file_notfound_raises(self): """ConfigurationError exception should be raised if file not found.""" authz_file = os.path.join(self.env.path, 'some-nonexistent-file') self.env.config.set('authz_policy', 'authz_file', authz_file) self.assertRaises(ConfigurationError, getattr, self.authz_policy, 'get_authz_file') def test_get_authz_file_notdefined_raises(self): """ConfigurationError exception should be raised if the option `[authz_policy] authz_file` is not specified in trac.ini.""" self.env.config.remove('authz_policy', 'authz_file') self.assertRaises(ConfigurationError, getattr, self.authz_policy, 'get_authz_file') def test_get_authz_file_empty_raises(self): """ConfigurationError exception should be raised if the option `[authz_policy] authz_file` is empty.""" self.env.config.set('authz_policy', 'authz_file', '') self.assertRaises(ConfigurationError, getattr, self.authz_policy, 'get_authz_file') def test_parse_authz_empty(self): """Allow the file to be empty.""" create_file(self.authz_file, '') self.authz_policy.parse_authz() self.assertFalse(self.authz_policy.authz) def test_parse_authz_no_settings(self): """Allow the file to have no settings.""" create_file(self.authz_file, """\ # [wiki:WikiStart] # änon = WIKI_VIEW # * = """) self.authz_policy.parse_authz() self.assertFalse(self.authz_policy.authz) def test_parse_authz_malformed_raises(self): """ConfigurationError should be raised if the file is malformed.""" create_file(self.authz_file, """\ wiki:WikiStart] änon = WIKI_VIEW * = """) self.assertRaises(ConfigurationError, self.authz_policy.parse_authz) def test_parse_authz_duplicated_sections_raises(self): """ConfigurationError should be raised if the file has duplicate sections.""" create_file( self.authz_file, """\ [wiki:WikiStart] änon = WIKI_VIEW [wiki:WikiStart] änon = WIKI_VIEW """) self.assertRaises(ConfigurationError, self.authz_policy.parse_authz)